}
}
- ASSERT (bytes >= 0 && bytes <= f->nitems);
+ ASSERT (bytes <= f->nitems);
return bytes;
}
case 'w':
fprintf (stderr, "ERROR: Option -%c requires an argument.\n",
optopt);
+ break;
+
default:
if (isprint (optopt))
fprintf (stderr, "ERROR: Unknown option `-%c'.\n", optopt);
continue;
}
- else if (strlen ((char *) conn->buf))
- printf ("\nSERVER (fd %d): RX (%d bytes) - '%s'\n",
- conn->fd, rx_bytes, conn->buf);
+ else if (((char *) conn->buf)[0] != 0)
+ {
+ // If it looks vaguely like a string, make sure it's terminated
+ ((char *) conn->buf)[rx_bytes <
+ conn->buf_size ? rx_bytes :
+ conn->buf_size - 1] = 0;
+ printf ("\nSERVER (fd %d): RX (%d bytes) - '%s'\n",
+ conn->fd, rx_bytes, conn->buf);
+ }
}
else // rx_bytes < 0
{
argc++;
char **tmp = realloc (argv, argc * sizeof (char *));
if (tmp == NULL)
- {
- fclose (fp);
- goto defaulted;
- }
+ goto defaulted;
argv = tmp;
arg = strndup (p, 1024);
if (arg == NULL)
- {
- fclose (fp);
- goto defaulted;
- }
+ goto defaulted;
argv[argc - 1] = arg;
p = strtok (NULL, " \t\n");
}
}
fclose (fp);
+ fp = NULL;
char **tmp = realloc (argv, (argc + 1) * sizeof (char *));
if (tmp == NULL)
}
defaulted:
+ if (fp != NULL)
+ fclose (fp);
+ if (argv != NULL)
+ free (argv);
if (!clib_mem_init (0, vcl_cfg->heapsize))
clib_warning ("[%d] vppcom heap allocation failure!", vcm->my_pid);
else if (VPPCOM_DEBUG > 0)
unformat_free (input);
file_done:
- if (fd > 0)
+ if (fd >= 0)
close (fd);
}
vlib_default_runtime_dir, 0);
}
+ error = setup_signal_handlers (um);
+ if (error)
+ return error;
+
if (um->pidfile)
{
if ((error = vlib_unix_validate_runtime_file (um,
}
}
- error = setup_signal_handlers (um);
- if (error)
- return error;
-
if (!(um->flags & UNIX_FLAG_INTERACTIVE))
{
openlog (vm->name, LOG_CONS | LOG_PERROR | LOG_PID, LOG_DAEMON);
#include <vnet/vnet.h>
#include <vnet/pg/pg.h>
#include <vppinfra/error.h>
+#include <vppinfra/random.h>
#include <vnet/udp/udp.h>
#include <vnet/ipsec/ipsec.h>
#include <vnet/ipsec/ikev2.h>
+ sa->profile->lifetime;
if (sa->profile->lifetime_jitter)
{
+ // This is not much better than rand(3), which Coverity warns
+ // is unsuitable for security applications; random_u32 is
+ // however fast. If this perturbance to the expiration time
+ // needs to use a better RNG then we may need to use something
+ // like /dev/urandom which has significant overhead.
+ u32 rnd = (u32) (vlib_time_now (vnm->vlib_main) * 1e6);
+ rnd = random_u32 (&rnd);
+
child->time_to_expiration +=
- 1 + (rand () % sa->profile->lifetime_jitter);
+ 1 + (rnd % sa->profile->lifetime_jitter);
}
}
&& s->flags & SOCKET_ALLOW_GROUP_WRITE)
{
struct stat st = { 0 };
- stat (((struct sockaddr_un *) &addr)->sun_path, &st);
+ if (stat (((struct sockaddr_un *) &addr)->sun_path, &st) < 0)
+ {
+ error = clib_error_return_unix (0, "stat (fd %d, '%s')",
+ s->fd, s->config);
+ goto done;
+ }
st.st_mode |= S_IWGRP;
- chmod (((struct sockaddr_un *) &addr)->sun_path, st.st_mode);
+ if (chmod (((struct sockaddr_un *) &addr)->sun_path, st.st_mode) <
+ 0)
+ {
+ error =
+ clib_error_return_unix (0, "chmod (fd %d, '%s', mode %o)",
+ s->fd, s->config, st.st_mode);
+ goto done;
+ }
}
}
else